Simulation of Privacy-Enhancing Technologies in Vehicular Ad-Hoc Networks

TLDR: In this article, an open-source privacy simulation framework was developed to evaluate the level of location privacy enjoyed by drivers in vehicular networks, and a taxonomy of the state of the art in privacy research was provided.

Abstract: Equipping vehicles with communication technology is a promising approach to in- crease both safety and the efficiency of tomorrow’s road traffic. However, without proper privacy protection, such a communication system can be exploited to com- promise drivers’ location privacy or to install fully automated overbearing traffic surveillance. In order to deploy effective Privacy-Enhancing Technologies (PETs), it is not only important to understand the concrete privacy risks that go along with vehicular networks, but also to be able to measure the level of privacy provided by the system. This thesis contributes to privacy research by providing a risk analysis, a taxon- omy for privacy in vehicular networks, and a review of the state of the art in privacy research. We further address shortcomings and potentials of simulation techniques and make recommendations to improve the quality and meaningfulness of privacy simulation. Based on our findings, we develop an open-source privacy simulation framework that allows evaluation of the level of location privacy enjoyed by drivers. Combined with detailed models for American and European communication stan- dards, we provide a powerful tool not only for the analysis of packet-based privacy protection mechanisms, but also to identify performance issues of the envisioned communication protocols. Using our simulator, we develop and evaluate different PETs that address open research topics: We introduce SlotSwap, a time-slotted pseudonym exchange scheme which protects against privacy violations by the system provider. Time-slotted pseu- donyms also protect from Sybil attacks and complicate tracking by simultaneously changing identifiers. Our certificate revocation system SmartRevoc also makes use of this technology and offers an efficient and backward privacy-preserving revoca- tion method. We show that parked vehicles can support the timely distribution of revocation lists and also considerably improve traffic safety. Lastly, we present a robust fingerprinting attack exploiting IEEE 802.11 scramblers that illustrates that one non-privacy-aware component can compromise privacy throughout the entire system. Based on our results we draw conclusions for the design of PETs in future transportation systems.